<?php
	require_once( "functions/inc_systemFunctions.php" );
	page_header( "Wayne Schlegel Inc. | Product reviews", true, "myflight" );
?>

<?php
	$currentProduct = getProduct( $_GET['pid'] );
	
	if( !empty( $_POST['send'] ) ){
		# save review
		$sql = "INSERT INTO reviews 
				( userData_id, product_id, title, text, lastWriteAccess ) 
				VALUES
				( '" . $_SESSION['user_id'] . "', '" . $_POST['pid'] . "', '" . $_POST['title'] . "', '" . $_POST['review'] . "', '" . date( "Y-m-d H:i:s" ) . "' ) ";
		$res = mysql_query( $sql );
		if( !$res ){
			echo mysql_error();
		} else {
			echo "<p class =\"green\">Your review has been saved and submitted to be unlocked.</p>";
		}
	} else {

?>
		<h1>Add review for <?=$currentProduct['marketingName']?></h1>
		<form method="post" action="" class="iForm">
			<input type="hidden" name="pid" value="<?=$_GET['pid']?>" />
			<label for="title">Title</label><br />
			<input type="text" name="title" id="title" /><br />
			<label for="review">Your review</label><br />
			<textarea name="review" id="review" rows="5"></textarea><br />
			<input type="submit" name="send" id="send" value="save" /><br />
		</form>
<?php
	}
?>
<?php
	page_footer();
?>